ECA-VFog: An efficient certificateless authentication scheme for 5G-assisted vehicular fog computing

Fifth-generation (5G)-enabled vehicular fog computing technologies have always been at the forefront of innovation because they support smart transport like the sharing of traffic data and cooperative processing in the urban fabric. Nevertheless, the most important factors limiting progress are concerns over message protection and safety. To cope with these challenges, several scholars have proposed certificateless authentication schemes with pseudonyms and traceability. These schemes avoid complicated management of certificate and escrow of key in the public key infrastructure-based approaches in the identity-based approaches, respectively. Nevertheless, problems such as high communication costs, security holes, and computational complexity still exist. Therefore, this paper proposes an efficient certificateless authentication called the ECA-VFog scheme for fog computing with 5G-assisted vehicular systems. The proposed ECA-VFog scheme applied efficient operations based on elliptic curve cryptography that is supported by a fog server through a 5G-base station. This work conducts a safety analysis of the security designs to analysis the viability and value of the proposed ECA-VFog scheme. In the performance ovulation section, the computation costs for signing and verification process are 2.3539 ms and 1.5752 ms, respectively. While, the communication costs and energy consumption overhead of the ECA-VFog are 124 bytes and 25.610432 mJ, respectively. Moreover, comparing the ECA-VFog scheme to other existing schemes, the performance estimation reveals that it is more cost-effective with regard to computation cost, communication cost, and energy consumption.


Introduction
Technologies related to automobiles have consistently ranked among the most promising areas of research and development. Improvements in human well-being have a knock-on effect on automotive engineering [1][2][3]. Nowadays vehicle networks are in the spotlight for a variety of reasons, including urban traffic congestion and road accidents. Many crucial traffic issues are communicated to users via vehicle networks, including speed alerts, cornering, road status information, road conditions, intersection warnings, and pedestrian crossing alerts [4][5][6]. Several countries' transportation systems have recently implemented widespread deployments of 5G technology, vehicle networks, and fog computing to enhance driver safety and better handle increasingly chaotic traffic patterns [7][8][9]. Intelligent transportation systems (ITS) collect, process, and disseminate traffic data in the context of networked cars through the use of wireless devices installed in vehicles (called onboard units, or OBUs) [10][11][12].
Because traffic-related messages travel through a wireless channel, they are vulnerable to eavesdropping, tampering, replaying, and deletion by hostile actors [13,14]. So, vehicular ad hoc networks (VANETs) need to address privacy and security concerns before they can be used in real-world applications. Several works have been presented over the past few years concerning authentication schemes for vehicular communication. These works range from public key infrastructure (PKI) approaches [15][16][17][18][19] and identity (ID) approaches [5,11,[20][21][22][23][24][25]. In PKI-based approaches, the trusted authority forces a huge number of security keys and relevant certificates onto the vehicles to ensure the security of users' private data. However, certificate management complexity is a major drawback of these schemes. While, in the identity (ID)-based approaches, the message is signed using the transmitter's secret key, and the receiver's public key is utilised to verify the signature. But, key escrow is a major flaw in these schemes.
Thus, to resolve these issues in PKI-based and ID-based approaches, several scholars have suggested certificateless authentication approaches in order to avoid complicated management of certificate and escrow of key, respectively. However, challenges such as expensive communication, insecure systems, and complicated processing remain. This research, therefore, presents an effective certificateless authentication mechanism for vehicle fog computing over 5G networks; we term it ECA-VFog. The proposed ECA-VFog technique utilized a 5G-base station-supported fog server for its elliptic curve cryptography-based efficient operations. The main lists of the contribution of this work are as follows.
• This paper suggests an efficient certificateless authentication called ECA-VFog scheme for fog computing with a 5G-assisted vehicular system. The proposed ECA-VFog scheme applied efficient operations based on elliptic curve cryptography that is supported by a fog server through a 5G-base station.
• The innovative of the proposal is that the fog severer receives partial pseudonym-ID and partial private key from key generation center (KGC) for the signature verification process.
• The ECA-VFog scheme avoids complicated management of certificate and escrow of key in the public key infrastructure-based studies and in the identity-based approaches, respectively.
• Security evaluation shows that the proposed ECA-VFog scheme fulfills security requirements (data authenticity and integrity, pseudonym identity, traceability, unlinkability, location privacy, non-repudiation) and resists security attacks (forgery, modified messages, replay, and man-in-the-middle) for vehicular fog computing based on 5G technology.
• The evaluation of the ECA-VFog scheme's performance shows that it is more efficient than existing schemes with regards to computation cost, communication overhead, and energy consumption.
Here's how the remainder of the work is laid out: Section 2 shows some relevant work. Section 3 lists the architecture model, security design and cyber-attacks, and operation-based mathematical tool of our ECA-VFog. In Section 4, our ECA-VFog and it's implementation phases are given. Informal and formal analysis are lsited in Section 5. The evaluation of performance is analyzed in Section 6. This study is concluded and summarized in Section 7.

Literature review
This section reviews some relevant work that proposed authentication schemes for vehicular communication. We classify these schemes based on approaches used to secure messages. These taxonomies are public key infrastructure (PKI)-based, identity (ID)-based, and certificateless authentication approaches.

PKI-based approaches
Many PKI-based approaches [15][16][17][18][19] have been proposed to secure vehicular systems. These schemes are reviewed as follows. Sakhreliya et al. [15] presented the PKI-SC system, which combines the best of both worlds by integrating the MAC technique into the standard PKI certificate process. The MAC and ECDSA algorithms are deployed on the nodes in order to make a fair comparison among the PKI and PKI-SC systems, and the packet size is utilized to evaluate the time it takes for each system's communications to complete a given task. Utilizing the ideas of Bayesian Coalition Game (BCG) and Learning Automata (LA), Kumar et al. [16] developed an effective decentralized PKI. Los Angeles was supposed to be the game's participants, who work together to share information. In their solution, a coalition of dynamic between the users is created utilizing encryption of symmetric key and message authentication based on hash to protect the privacy and authenticity of the exchanged information. Jiang et al. [17] designed a PKI-based pseudonym authentication scheme by establishing secure session keys and providing the method of disclosing malicious vehicular to construct a timestamp signature. Zhang et al. [18] proved a PKI identity management based on blockchain and model of authentication, which makes use of smart contracts to lessen the load on TRA from handling the entire digital certificate life cycle alone. Moussaoui et al. [19] suggested a decentralized system for pseudonym management in vehicular communication.
To carry out the many anonymity-related tasks, Moussaoui et al. [19] employed blockchain technology that calls for two separate blockchains: one for registering aliases and another for deleting them. Nevertheless, the main disadvantage of these schemes is complicated management of certificate.

ID-based approaches
Many ID-based approaches [5,11,[20][21][22][23][24][25] have been suggested to address limitations on PKIbased schemes. These schemes are reviewed as follows. In order to achieve the goals of confidentiality, anonymity, and security in a VANET, Alazzawi et al. [20] suggested a novel IDbased approach. In the event that the roadside unit (RSU) is compromised, the proposed approach used a pseudonym during the joining procedure to conceal the true identity. For secure vehicle-to-vehicle (V2V) data exchange, Ali et al. [21] suggested applying Elliptic Curve Cryptography (ECC) and general hash functions to create ID-based approaches by using the batch signature investigation mode, a huge volume of data can be authenticated simultaneously. In order to secure V2V communications over vehicular systems, Bansal et al. [22] offered an Identity-based authentication method that makes use of both ID and ECC. Through efficient V2V communications, the approach guaranteed source verification, data integrity, non-repudiation, and vehicle anonymity. Mohammed et al. [23] designed a pseudonym authentication based on fog computing to minimize the performance efficiency in 5G-assisted vehicular systems. The FC-PA study performs only one operation of ECC scalar multiplication to check data. By using fog computing technology, Al-Mekhlafi et al. [5] introduced an authentication scheme for 5G-assisted vehicle systems. A fog server computes and stores a unique selecting of public anonymity identities and signature keys for each legal component. For fog computing with 5G-assisted vehicular systems, Mohammed et al. [11] proposed a pseudonym authentication technique. Under their works, a fog server generates a temporary secret key for each participating vehicle to use for validating digital signatures. To counteract potential sidechannel attacks and slow down the system, Alshudukhi et al. [24] constructed an authentication technique with supporting a privacy factors. In addition, the TPD regularly and often updates its most important data in an effort to thwart side-channel attacks. Bayat et al. [25] suggested an innovative and effective authentication method for vehicular communication by enabling vehicles to authenticate each other without the usual restrictions imposed by the necessity for a designated group of signers, an active network of Road Side Units (RSUs), a secret key, or other similar safeguards. However, the major disadvantage of these schemes is escrow of key.

Certificateless authentication approaches
To cope with these issues, massive certificateless authentication studies with pseudonyms and traceability have been suggested. These studies avoid complicated certificate management and key escrow in the PKI-assisted studies and the ID-assisted studies, receptively. These schemes are as below. Wang et al. [26] construed a privacy factors scheme by adopting a full aggregation approach for reducing resources in terms of bandwidth and computation. Xu et al. [27] constructed certificateless fixed checker proxy signature using unmanned aerial vehicles (UAVs) to address privacy and security concerns in smart city systems. Ming et al. [28] suggested an efficient certificateless authentication scheme by achieving a security-enhanced solution and addressing massive communication overhead, security vulnerability, and computational complexity. Tan et al. [29] proposed a certificateless UAV group verification approach in order to achieve security communication in infrastructure-less internet of vehicle (IoV). Zhou et al. [30] introduced a secure ECC scheme by utilizing key agreement and a three-party authentication scheme in medical IoT. Rajasekaran et al. [31] proposed a secure ECC method that supports batch verification and mutual authentication for online learning in Industry 4.0. Zhou et al. [32] introduced a security-enhanced solution to combat a forgery attack and satisfy a trade-off between efficiency and safety in vehicular communication. Liang et al. [33] evaluated the safety of a certificateless aggregate signature for vehicular communication, focusing on the preservation of privacy under certain conditions. The investigation reveals that it is suffering from forgery attacks. Thus, Liang et al. [33] proposed a better strategy to cope with the security flaw.

Background
This section demonstrates the architecture model of the proposal ECA-VFog scheme in terms of the five components used. Then, we list the security design and cyber-attacks that should be resisted in this paper. Finally, the operation-based mathematical tool used to sign and verify messages is also provided.

Architecture model
Our architecture model has five parts, as depicted in Fig 1: A tracing authority (TRA), a key generation center (KGC), a 5G-base station (5G-BS), a fog server (FS), and onboard units (OBUs). Since 5G-BS doesn't be able to compute and storage any security parameters. Therefore, we don't care the assumption of this proposed in term trust or not trued. While, this paper assumes fog server is not trusted, therefore, the KGC preload partial public key and partial signature to communication with vehicles. Finally, the TRA and KGC are fully trusted in this system model to generate security parameters. The following are some of the roles that these parts play.
• Tracing Authority (TRA): Vehicle registration in the vehicular system falls under the purview of the TRA, a central authority in the field. Its other duty is to provide the KGC with a means of partial anonymity. When a malicious event is detected, only the TRA will reveal the true identities of the vehicles and fog servers. Contacting TRA on a regular basis allows vehicles and fog servers to keep their credentials up to date. So they are still part of vehicular communication. If the TRA has previously identified malicious behavior from a user (vehicle/fog server), the TRA will refrain from performing identity updates for that user.
• Key Generation Center (KGC): As a credible source, KGC is an asset. It is compatible with TRA and can produce vehicle and RSU partial private keys (PPK). Partial key generation in related schemes is no longer hampered by the need to escrow keys. Related schemes incorporate KGC, which is absent from identity-based authentication schemes. It helps TRA establish the anonymous identities of vehicles and fog servers, too. Only TRA knows the true identity, and KGC can only get a glimpse of this fake one.
• 5G-Base Station (5G-BS): The 5G-BSs are stationary base stations set up by the side of the road. Its only use is as a bridge between vehicles, fog servers, and TRA, and it lacks both computing and storage capabilities. This is because it can accommodate a wide variety of device-to-device (D2D) communication standards. Because 5G-BSs are hardware, they are immune to attacks.
• Fog Server: Fog server is the roadside infrastructure that enables vehicle-to-infrastructure (V2I) communication and can also realize inter-infrastructure (I2I) communication. FSs can simultaneously relay multiple messages collected from vehicles. FSs are stationed in various areas behind 5G-BS, and passing vehicles are made aware of their location. By sharing information, it can also boost circulation in the area covered by 5G-BS.
• Onboard Units (OBUs): OBUs are installed in car. They employ vehicle-to-vehicle (V2V) to talk to one another and V2I to talk to the fog server. Traffic and signature-related messages are generated by vehicles and sent to other vehicles or fog servers. There is a tamper-proof device (TPD) in the vehicles. The data on this device is strictly private.

Security design
The safety of the vehicular network is compromised by cyber attacks, which can even result in human casualties. The following sections detail the minimum standards for security against cyber attacks and unauthorized access that the ECA-VFog scheme in the 5G-enabled vehicular fog computing must meet.
• Message authenticity and safety: To emphasize the integrity of the received data, the receiving component must first confirm that the sending vehicle is also registered in the vehicular communication.
• Pseudonym and Traceability: Due to security concerns, the true identities of the vehicles and fog servers must be concealed, so they instead adopt aliases. The pseudonym of vehicles or fog servers does not make them immune to detection when they are engaged in criminal activity. The TRA reveals their true identities here. This guarantees that the vehicles can be tracked at any time.
• Un-linkability: An adversary must be unable to connect identical vehicle or fog server-generated signatures and messages. A new identity must be used for each transmission even if the vehicle and fog server sends the message anonymously. The message and the sender's identity can be linked if the sender's pseudonym information is not altered.
• Non-repudiation: The content of transmissions from vehicles and fog servers is their own responsibility. They should be unable to deny it even if they send messages using fake names and signatures.
• Location Privacy: Protecting the confidentiality of vehicle locations is crucial for their safety.
There are a number of means that attackers can use to track down vehicles. To protect their users' location privacy from attackers, vehicles use pseudonym identities rather than their real names, and these identities are randomly generated for each message sent.
• Forgery Attack: An adversary posing as a network user (vehicle/fog server) can send messages to other tools and fog servers in vehicular communication.
• Various cyber attacks: Cyber attacks such as replay attacks, man-in-the-middle attacks, modified messages, etc., are extremely common in VANETs.

Elliptic Curve Cryptography (ECC)
Since it is determined on the finite field F p , ECC is an encryption technique of public-key. The equation

The proposed ECA-VFog scheme
The proposed ECA-VFog scheme includes phases, Setup, Registration phase, GenPPID, GenPPK phases, GenCLSig and CLSigVerify, as shown in Fig 2. Unlike the related works, in the Setup phase, both TRA and KGC issue system parameters based on the elliptic curves and broadcast them to register vehicles and fog servers through the registration stage. While KGC is responsible for creating the partial pseudonym-ID PPID V and partial private key PPK for vehicles and fog servers to maintain the original identity during GenPPID and GenPPK phases. According to the GenCLSig phase, the transmitter signs the data by generating a signature and secret parameters, while the receiver will check the validity and originality of the data during the CLSigVerify stage. These phases are described in detail as follows. Table 1 lists notations and their definition.

Setup phase
In order to design a secure and effective ECA-VFog scheme, the most crucial part of setting up a system is choosing its parameters. The steps for this stage are outlined below.
• Both the TRA and the KGC agree that for any finite field, F p , an elliptic curve E(a, b) exists if and only if p is a sufficiently big prime amount and a, b are fixed integers less than p. The expression y 2 = x 3 + ax + b (mod p) defines the E(a, b).
• Both the TRA and the KGC pick values for a and b and verify that 4a 3 + 27b 2 6 ¼ 0. (mod p).
If the condition of equality is not met, a and b are chosen again. Then, a starting point P of level q is chosen.
• The four functions of general secure hash h 1,2,3,4 are selected as follows. h 1 : • The TRA picks a secret key s 2 Z * q and calculates the relevant key of public Pub TRA = s � P.

Registration phase
In this phase, fog servers and vehicles are given unique identifiers that can be used to register with the TRA. Here's how this step is carried out: • The TRA calculates Ps v = VID i � h 1 (Pub TRA ||S) utilising vehicle V i 's original identity VID i and its private key s. Ps v is a constraint amount for the vehicle V i and its original identity VID i can only be disclosed by the TRA.
• Likewise, the TRA executes the same procedure for the fog server F i . The TRA calculates Ps f = FID i � h 1 (Pub TRA ||S) utilizing fog server F i 's original identity FID i , and its private key S. Ps f is a constraint amount for the fog server and its original identity (FID i ) can only be disclosed by the TRA.
• The TRA loads the values of Ps v and Ps f in the TPD of the vehicle V i and fog server F i , respectively.

GenPPID and GenPPK phases
The privacy and security of vehicular communication depend on the vehicles' and fog servers' ability to maintain their true identities at all times. KGC generates partial pseudonym-ID PPID and partial private key PPK at this phase. Vehicle's partial pseudonym-ID PPID V and fog server's partial pseudonym-ID PPID F are known only to TRA to satisfy traceability requirements. The following procedures are carried out during this stage for vehicles and fog servers.

Vehicles.
• The vehicle V i inputs the value of Ps v to the KGC.
• The KGC verifies Ps v in vehicle database sent by TRA. Vehicles that have received fines or that are not properly registered are not included in this database. The KGC will continue its calculations if the value Ps v is present in the database; otherwise, it will exit.
• The vehicle V i 's partial pseudonym-ID PPID V = Ps v � h 2 (x � Pub TRA ) is calculated by utilizing its secret key x.
• The KGC chooses a secret key w 2 Z * q .
• The KGC transmits parameters {PPID V , PPK v } to the vehicle V i via a secure channel.

Fog servers.
• The fog server F i inputs the value of Ps f to the KGC.
• The KGC verifies Ps f in fog server database sent by TRA. Fog servers that have received fines or that are not properly registered are not included in this database. The KGC will continue its calculations if the value Ps f is present in the database; otherwise, it will exit.
• The fog server F i 's partial pseudonym-ID PPID f = Ps f � h 2 (x � Pub TRA ) is calculated by utilizing its secret key x.
• The KGC chooses a secret key l 2 Z * q .
• The KGC transmits parameters {PPID f , PPK f } to the fog server F i through a secure channel.

GenCLSig phase
Before sending a message, the vehicle signs it to ensure its safety. Therefore, the vehicle that received the message checks its veracity. After receiving the PPK and PPID calculated by the KGC, the vehicle is able to send messages to other vehicles and fog servers. As a result, the proposed ECA-VFog scheme eliminates the need for vehicles and fog servers to continuously communicate with the KGC and the TRA. The following steps are taken during this stage.
• The vehicle v i randomly select secret key r i 2 Z * q .
• The vehicle v i computes its vehicle secret key Pri v = PPK v + r i utilising the secret key r i and PPK v .
• The vehicle v i computes R p,i = Pri v � P.
• The vehicle v i computes its public key R pub = R p,i − Pub KGC .
• The vehicle v i computes its anonymous identity AID v = PPID v � h 3 (r i � Pub TRA ) utilising r i and partial anonymous identity PPID v for each message.
where m v,i is exchanged message T V,i is freshness timestamp, and anonymous identity AID v .
• The vehicle v i issues signature σ v,i = Pri v + r i � δ v,i (mod q).
• Finally, the vehicle v i broadcasts the message-parameters {m v,i , AID v , R pub , D v,i , T V,i , σ v,i } to other vehicles and fog servers.

CLSigVerify phase
In this phase, the vehicle or fog server that received the message performs an authentication and integrity check to decide whether or not to accept the message. This step is carried out as follows for a verification process.
• The verifier controls the timestamp T V,i of the data obtained at period T. The message is declined if T − T V,i > ΔT. If not, it advances to the next level. This means that messages that have already expired are deleted without being read.
• The verifier computes As a result, (1) can be demonstrated. It is determined during the verification process by employing the message and previously published parameters. If any of these values are altered, the signature can no longer be validated. Meanwhile, the proposed offers batch authentication to raise efficiency in traffic. The verifier checks Eq 2 once receiving multiple messages.

Security evaluation
This section evaluates security with regards to informal and formal analysis as follows.

Security analysis
• Message Authenticity and Integrity: The unit and the fog server use the message parame- is computed by the receiver (vehicle/fog server) using a timestamp T V,i , and an anonymous identity AID v , R pub , and m v,i are the car's public key and message, respectively. This ensures that the received message is both authentic and intact. If one variable is changed, the other cannot bring about parity. As a result, our ECA-VFog method proves the authenticity and confidentiality of communications.
• Pseudonym Identity: Pseudonym is used by vehicles and fog servers because it is necessary for security reasons to conceal their true identities [34]. Vehicles and fog servers may be able to avoid detection when they engage in illegal activity by using false identities; however, this is not always the case. Their true identities are exposed here thanks to the TRA. With the ECA-VFog scheme, the vehicle (or fog server) generates its own unique pseudonym identity with each signature. Before this happens, TRA, KGC generate a pseudonym partial identifier for the vehicle (or fog server): To ensure privacy, TRA, and KGC issue vehicles with only partial anonymity; the vehicles then use r i and the partial pseudonym identity PPID V to determine the anonymous identity Ps v for each message. As a result, the proposed ECA-VFog scheme ensures the pseudonym identity of communications.
where s is TRA's private key and AID v is the pseudonym identity, can be derived using these equations. With these numbers, the TRA can piece together the vehicle's partial anonymous identity, known as AID v . In conclusion, TRA is the only method capable of revealing the identity, with AID v = PPID v � h 3 (S � D v,i ). Therefore, the ECA-VFog allows for identification tracking while also protecting users' privacy (anonymity).
• Unlinkability: No two signatures or messages from the same vehicle or fog server should be linked in an attacker's mind. If the pseudonym identity is not altered between each message broadcast, it is still possible to determine the sender and recipient of the message. Each time a signature is calculated in the ECA-VFog scheme, the vehicle AID v , T V,i , R pub used in the calculation are chosen at random. The message parameters that are transmitted along with the message are dynamic and can change for each transmission. As a result, the ECA-VFog scheme guarantees unlinkability.
• Location privacy: A vehicle's location and communications should be kept private through the use of a pseudonym identity. Each message in the proposed ECA-VFog scheme undergoes a pseudonym identity calculation prior to transmission. This prevents the attacker from linking any of the messages together. The proposed ECA-VFog scheme is a pseudonym and cannot be traced back to an individual. All of these characteristics have been shown above. Location secrecy is thus ensured by the ECA-VFog.
• Non-repudiation: The transmissions made by vehicles and RSUs are their own responsibility. Their true identity will be exposed if they deny sending the message. Therefore, there is no way for the sender (vehicle/fog server) to claim that it did not send the message. AID v = PPID v �h 2 (S � Pub KGC )�h 1 (S||Pub TRA ) is the TRA formula that will reveal the identity of the pseudonym person. Thus, ECA-VFog ensures that claims cannot be contested.
• Impersonation attack: The impersonation assault requires the attacker to craft a forged message m v,i and its the message parameters Since this is based on ECDLP, however, it is quite challenging to implement. So, our ECA-VFog method is secure against impersonation.
• Modification attack: When the message is checked to see if it contains the equation any tampering by the attacker is immediately revealed. Since , equality cannot be achieved if even one of these parameters is altered. The vehicle's public key R pub and message m v,i . That's why the ECA-V-Fog is resistant to tweaks.
• Replay attack: The adversary executes this attack by reusing previously validated messages.
Verifying the timeliness of the timestamp used in the parameters The message parameters can thwart the attack. This means that the ECA-V-Fog is resilient against a replay assault.
• Man-in-the-middle attack: An attacker can deceive two vehicles or fog servers into thinking they are in constant contact with each other by exchanging information with them. It takes in private information and traffic messages, alters them, and relays the new versions to other vehicles or fog servers. Since all forms of mutual communication in the ECA-VFog require authentication, an unauthenticated attacker would be unable to launch such a campaign against a TRA. After registration, the vehicle contacts the KGC because the TRA has provided it with a partial pseudonym identity and private key, The ECA-VFog scheme would be safe from a MITM attack in this case.

Formal security verification using AVISPA tool
In order to formally validate the cryptographic protocol's security, we employ the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool [35,36]. To illustrate the security protocol, AVISPA makes use of the HLPSL [37,38], which also enables us to state the security aspects of the protocol that need to be checked. As can be seen in Fig 3 of the AVISPA architecture. SPAN is fed the protocol's CAS+ specification in Alice Bob notation, and it outputs a script in HLPSL. The HLPSL script is sent to an IF translator, which then runs it via the HLPSL to IF translator and the AVISPA backends for analysis. To ensure that the goals specified in HLPSL's goal section are met, AVISPA employs four backends: OFMC, CLAtSe, SATMC, and TA4SP. To ensure that the protocol is secure for the specified number of sessions or until an attack is discovered, the backend runs it through an infinite number of iterations. The HLPSL uses a state machine model of the protocol. There is a variable associated with each state, and as that variable's value shifts, the corresponding state shifts.
HLPSL uses the Doley-Yao threat model [39] to ensure that the cryptographic protocol is secure against man-in-the-middle assaults and replay assaults. The model assumes that the intruder can listen in on, steal, and forge any communication. Fig 4 show the simulated outcomes of the proposed ECA-VFog scheme. The protocol analysis tool ATSE found that out of 30 states, 24 are reachable, the translation time was 0.001 seconds, and the computation time was 0.001 seconds. With a depth of 6 heaps and a search period of 0.06 seconds, OFMC visits a total of 64 nodes. This result proves that the suggested protocol is secure against any kind of attack.

Performance evaluation
This section evaluates and compares the performance of the proposed ECA-VFog scheme with relevant schemes Bayat et al. [25], Wang et al. [26], Zhou et al. [32] and Liang et al. [33]. The evaluation criteria used for performance are computation, communication, and energy consumption overheads.

Evaluation and comparison of computation overhead
Here, we evaluate and compare the ECA-VFog scheme and some existing works Bayat et al. [25], Wang et al. [26], Zhou et al. [32] and Liang et al. [33] in terms of the overhead of computation. The following steps display the calculated achievement times (ms: millisecond) of cryptographic operations applied in the signing, verification, and batch verification of messages.
• T bp : Operation of bilinear pairing (bp) in Q, P 2 G 1 . The running time for T bp is 6.101 ms.
• T sm bp : Operation of scalar multiplication s � P of the bp, P 2 G 1 , s 2 Z * q . The running time for T sm bp is 1.6765 ms. This work utilizes the MIRACL cryptographic library [40] to time various cryptographic procedures. The machine runs Windows 10 on an Intel(R) Core(TM) i7-8550u processor at 1.80 GHz with 8 GB of RAM. Let's measure the computation overhead of the proposed ECA-VFog scheme. Table 2 displays the message singing, single verification, and batch verification computation costs for the proposed ECA-VFog scheme as well as other related works.
In the ECA-VFog, the computation of the message signing process needs one-point addition, three scalar multiplications, and two general secure hash functions. Therefore, the total running time of the message signing process is computed as 1T pa ecc + 3T sm ecc + 1T h = 1 * 0.0042 + 3 * 0.7829 + 1 * 0.001 � 2.3539ms. Computation of the single verification needs two-point additions, two scalar multiplications, and a general secure hash function, thus the entire computation time of this phase is computed as 2T pa ecc + 2T sm ecc + 1T h = 2 * 0.0042 + 2 * 0.7829 + 1 * 0.001 � 1.5752ms. Lastly, the computation of the batch verification needs (3n-1) addition point, (n + 1) scalar multiplication, and n general secure hash functions, thus the entire computation time of batch verification is computed as ð3n À 1ÞT pa ecc + ðn þ 1ÞT sm ecc + nT h � 0.7965n + 0.7787ms. Similarly, the computation costs of message singing, single verification, and batch verification are computed in terms of computation overhead in schemes Bayat et al. [25], Wang et al. [26], Zhou et al. [32] and Liang et al. [33].

Evaluation and comparison of communication costs
Here, we evaluate and compare the ECA-VFog scheme and some existing works Bayat et al. [25], Wang et al. [26], Zhou et al. [32] and Liang et al. [33] in terms of the overhead of communication. To compare the ECA-VFog's communication overhead to those of other schemes, let's assume the following sizes of the various elements.
• G 1 : The multiplicative cyclic group. The size of the item in G 1 is 128 bytes.
• G: The additional cyclic group. The size of the item in G is 40 bytes.
• Z * q : The finite field. The size of the item in Z * q is 20 bytes. • T i : The timestamp. The size of the Z * q is 4 bytes.
During the signing message of the proposed ECA-VFog scheme, the vehicle v i broadcasts the message parameters {m v,i , AID v , R pub , D v,i , T V,i , σ v,i } to other vehicles and fog servers, where {R pub , D v,i }2G, fAID v ; s v;i g 2 Z * q , and timestamp {T V,i } = 4 bytes. Therefore, the bandwidth overhead of ECA-VFog is computed as 2 * 20 + 2 * 40 + 4 = 124 bytes. Likewise, the bandwidth overheads of Bayat et al. [25], Wang et al. [26], Zhou et al. [32] and Liang et al. [33] are computed as 237, 388, 208, and 256 bytes, respectively. Table 3 provides a measurement of communication overheads.

Evaluation and comparison of energy consumption overhead
We use the procedure outlined in Table 2 to resolve the energy requirements of the ECA-VFog proposal. Using the full strength of the CPU (10.88 Watt) and the cost it takes to complete the task, the energy exhaustion can be computed as follows: E = P.t, whitch E is the power used, P is the full strength of the CPU, and t is the computation cost.
Let's calculate the energy exhaustion overhead of our ECA-VFog method. The energy exhaustion overhead E of the ECA-VFog in message signing is computed as 10.88 * 2.3539 = 25.610432 mJ (E = P .t). Then, the energy exhaustion overhead E of ECA-VFog in single verification is computed as 10.88 * 1.5752 = 17.138176 mJ. Then, the power exhaustion overhead E of ECA-VFog for 10 messages (x = 10) in batch verification was calculated as 10.88 * 8.7437 = 95.131456 mJ. likewise, the energy exhaustion overhead of data signing, single authentication, and batch authentication is computed in schemes Bayat et al. [25], Wang et al. [26], Zhou et al. [32] and Liang et al. [33]. In Fig 7, we see a measurement among our ECA-V-Fog method and other existing schemes with regards to the message singing and verifying energy exhaustion overheads.

Conclusion
This paper has proposed an efficient certificateless authentication with pseudonym and traceability called an ECA-VFog scheme for fog computing with a 5G-assisted vehicular system. The ECA-VFog scheme avoids complicated management of certificate and escrow of key in the public key infrastructure-assisted works the identity-assisted works, respectively. The proposed ECA-VFog scheme applied efficient operations based on elliptic curve cryptography that is supported by fog servers through 5G-BS. Security evaluation shows that the proposed ECA-VFog scheme satisfies security factors (data authenticity and integrity, pseudonym identity, traceability, unlinkability, location privacy, non-repudiation) and resists security attacks (Forgery, modified messages, replay, and man-in-the-middle) for vehicular fog computing based on 5G technology. The evaluation of the ECA-VFog scheme's performance shows that it is more efficient than relevant studies with regards to communication overhead, computation overhead, and energy consumption.
In future work, we extend this work to apply instead of 5G for secure compunctions in vehicular fog computing.